diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-12-19 18:18:23 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-12-19 18:41:41 +0100 |
commit | 07156b6c09165cf61a6bd499d26151d1f32bf3a9 (patch) | |
tree | 165e39c03eaff470c42ef8e3af8f2c3de03b6465 /src/Volume | |
parent | 18dc75ee629c5f7af61bf8393dbb693cdd78b235 (diff) | |
download | VeraCrypt-07156b6c09165cf61a6bd499d26151d1f32bf3a9.tar.gz VeraCrypt-07156b6c09165cf61a6bd499d26151d1f32bf3a9.zip |
Linux/MacOSX: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...), both using the GUI and the command line.
Diffstat (limited to 'src/Volume')
-rw-r--r-- | src/Volume/Pkcs5Kdf.h | 7 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Volume/Volume.cpp | 12 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Volume/Volume.h | 4 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Volume/VolumeHeader.cpp | 5 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Volume/VolumeHeader.h | 2 |
5 files changed, 20 insertions, 10 deletions
diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h index 8618bb97..19267b0f 100644 --- a/src/Volume/Pkcs5Kdf.h +++ b/src/Volume/Pkcs5Kdf.h @@ -31,6 +31,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const = 0; virtual int GetIterationCount () const = 0; virtual wstring GetName () const = 0; + virtual Pkcs5Kdf* Clone () const = 0; virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); } protected: @@ -53,6 +54,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); } virtual int GetIterationCount () const { return 655331; } virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160(); } private: Pkcs5HmacRipemd160 (const Pkcs5HmacRipemd160 &); @@ -69,6 +71,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Ripemd160); } virtual int GetIterationCount () const { return 327661; } virtual wstring GetName () const { return L"HMAC-RIPEMD-160"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacRipemd160_1000(); } private: Pkcs5HmacRipemd160_1000 (const Pkcs5HmacRipemd160_1000 &); @@ -85,6 +88,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); } virtual int GetIterationCount () const { return 200000; } virtual wstring GetName () const { return L"HMAC-SHA-256"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); } private: Pkcs5HmacSha256_Boot (const Pkcs5HmacSha256_Boot &); @@ -101,6 +105,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha256); } virtual int GetIterationCount () const { return 500000; } virtual wstring GetName () const { return L"HMAC-SHA-256"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256(); } private: Pkcs5HmacSha256 (const Pkcs5HmacSha256 &); @@ -117,6 +122,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Sha512); } virtual int GetIterationCount () const { return 500000; } virtual wstring GetName () const { return L"HMAC-SHA-512"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha512(); } private: Pkcs5HmacSha512 (const Pkcs5HmacSha512 &); @@ -133,6 +139,7 @@ namespace VeraCrypt virtual shared_ptr <Hash> GetHash () const { return shared_ptr <Hash> (new Whirlpool); } virtual int GetIterationCount () const { return 500000; } virtual wstring GetName () const { return L"HMAC-Whirlpool"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacWhirlpool; } private: Pkcs5HmacWhirlpool (const Pkcs5HmacWhirlpool &); diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp index 2c319ad9..12bc9a14 100644..100755 --- a/src/Volume/Volume.cpp +++ b/src/Volume/Volume.cpp @@ -62,7 +62,7 @@ namespace VeraCrypt return EA->GetMode(); } - void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) + void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) { make_shared_auto (File, file); @@ -93,10 +93,10 @@ namespace VeraCrypt throw; } - return Open (file, password, keyfiles, protection, protectionPassword, protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); + return Open (file, password, kdf, keyfiles, protection, protectionPassword, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); } - void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) + void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) { if (!volumeFile) throw ParameterIncorrect (SRC_POS); @@ -189,7 +189,7 @@ namespace VeraCrypt shared_ptr <VolumeHeader> header = layout->GetHeader(); - if (header->Decrypt (headerBuffer, *passwordKey, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes)) + if (header->Decrypt (headerBuffer, *passwordKey, kdf, layout->GetSupportedKeyDerivationFunctions(), layoutEncryptionAlgorithms, layoutEncryptionModes)) { // Header decrypted @@ -238,9 +238,9 @@ namespace VeraCrypt Volume protectedVolume; protectedVolume.Open (VolumeFile, - protectionPassword, protectionKeyfiles, + protectionPassword, protectionKdf, protectionKeyfiles, VolumeProtection::ReadOnly, - shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> (), + shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (), VolumeType::Hidden, useBackupHeaders); diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h index dce2aa3b..dcc6eb01 100644..100755 --- a/src/Volume/Volume.h +++ b/src/Volume/Volume.h @@ -89,8 +89,8 @@ namespace VeraCrypt uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); } bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; } bool IsInSystemEncryptionScope () const { return SystemEncryption; } - void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); - void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); + void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); + void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false); void ReadSectors (const BufferPtr &buffer, uint64 byteOffset); void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf); void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset); diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp index e7a47d29..fbdece50 100644..100755 --- a/src/Volume/VolumeHeader.cpp +++ b/src/Volume/VolumeHeader.cpp @@ -78,7 +78,7 @@ namespace VeraCrypt EncryptNew (headerBuffer, options.Salt, options.HeaderKey, options.Kdf); } - bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) + bool VolumeHeader::Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) { if (password.Size() < 1) throw PasswordEmpty (SRC_POS); @@ -89,6 +89,9 @@ namespace VeraCrypt foreach (shared_ptr <Pkcs5Kdf> pkcs5, keyDerivationFunctions) { + if (kdf && (kdf->GetName() != pkcs5->GetName())) + continue; + pkcs5->DeriveKey (headerKey, password, salt); foreach (shared_ptr <EncryptionMode> mode, encryptionModes) diff --git a/src/Volume/VolumeHeader.h b/src/Volume/VolumeHeader.h index 8ce56fd8..cb567f22 100644..100755 --- a/src/Volume/VolumeHeader.h +++ b/src/Volume/VolumeHeader.h @@ -56,7 +56,7 @@ namespace VeraCrypt virtual ~VolumeHeader (); void Create (const BufferPtr &headerBuffer, VolumeHeaderCreationOptions &options); - bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes); + bool Decrypt (const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes); void EncryptNew (const BufferPtr &newHeaderBuffer, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf); uint64 GetEncryptedAreaStart () const { return EncryptedAreaStart; } uint64 GetEncryptedAreaLength () const { return EncryptedAreaLength; } |